Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutives
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
    Contact Us
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
Share:

Filters

What are you looking for?

  • Accellion
  • ownCloud
  • Adobe
  • Alcatel
  • Amcrest
  • Android
  • Apache
  • Apple
  • Arcadyan
  • Arcserve
  • Arm
  • Artifex
  • Atlassian
  • Aviatrix
  • Barracuda Networks
  • BQE
  • Cacti
  • ChakraCore
  • Checkbox
  • Cisco
  • CIsco
  • Citrix
  • Code Aurora
  • Crestron
  • CWP
  • D-Link
  • D-Link and TRENDnet
  • Dasan
  • Dell
  • Delta Electronics
  • Docker
  • dotCMS
  • DotNetNuke (DNN)
  • DrayTek
  • Drupal
  • Elastic
  • Embedthis
  • Exim
  • EyesOfNetwork
  • F5
  • FatPipe
  • ForgeRock
  • Fortinet
  • Fortra
  • Fuel CMS
  • GIGABYTE
  • GitLab
  • GNU
  • Google
  • Grafana Labs
  • Grandstream
  • Hewlett Packard (HP)
  • Hikvision
  • IBM
  • IETF
  • Ignite Realtime
  • ImageMagick
  • InduSoft
  • Intel
  • Ivanti
  • Jenkins
  • JetBrains
  • Juniper
  • Kaseya
  • Kentico
  • Laravel
  • LG
  • Liferay
  • Linux
  • McAfee
  • MediaTek
  • Meta Platforms
  • Micro Focus
  • Microsoft
  • MikroTik
  • MinIO
  • Mitel
  • MongoDB
  • Mozilla
  • Nagios
  • NETGEAR
  • Netis
  • Netwrix
  • Novi Survey
  • Npm package
  • October CMS
  • OpenBSD
  • OpenSSL
  • Oracle
  • Palo Alto Networks
  • PaperCut
  • PEAR
  • Perl
  • PHP
  • phpMyAdmin
  • PHPUnit
  • Pi-hole
  • PlaySMS
  • Plex
  • Primetek
  • Progress
  • Pulse Secure
  • QNAP
  • QNAP Systems
  • Qualcomm
  • Quest
  • Rails
  • RARLAB
  • rConfig
  • Realtek
  • Red Hat
  • Redis
  • Rejetto
  • Roundcube
  • Ruckus Wireless
  • SaltStack
  • Samba
  • Samsung
  • SAP
  • Schneider Electric
  • Siemens
  • SIMalliance
  • Sitecore
  • SolarView
  • SolarWinds
  • Sonatype
  • SonicWall
  • Sophos
  • Sudo
  • SugarCRM
  • Sumavision
  • Symantec
  • Synacor
  • SysAid
  • TeamViewer
  • Teclib
  • Telerik
  • Tenda
  • TerraMaster
  • ThinkPHP
  • TIBCO
  • TP-Link
  • Treck TCP/IP stack
  • Trend Micro
  • Trihedral
  • TVT
  • Ubiquiti
  • Unraid
  • vBulletin
  • Veeam
  • Veritas
  • VMware
  • VMware Tanzu
  • WatchGuard
  • WebKitGTK
  • Webmin
  • WebRTC
  • WordPress
  • WSO2
  • XStream
  • Yealink
  • Zabbix
  • Zimbra
  • ZK Framework
  • Zoho
  • Zyxel
No result
Reset

Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in the following formats:

CSV
JSON
JSON Schema


Showing 121 - 140 of 1048
Linux | Kernel

CVE-2010-3904

Linux Kernel Improper Input Validation Vulnerability
Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
  • Action: The impacted product is end-of-life and should be disconnected if still in use.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Resources and Notes
https://lkml.iu.edu/hypermail/linux/kernel/1601.3/06474.html
Jenkins | Jenkins User Interface (UI)

CVE-2015-5317

Jenkins User Interface (UI) Information Disclosure Vulnerability
Jenkins User Interface (UI) contains an information disclosure vulnerability that allows users to see the names of jobs and builds otherwise inaccessible to them on the "Fingerprints" pages.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Resources and Notes
https://www.jenkins.io/security/advisory/2015-11-11/
Oracle | Java SE and JRockit

CVE-2016-3427

Oracle Java SE and JRockit Unspecified Vulnerability
Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Resources and Notes
https://www.oracle.com/security-alerts/cpuapr2016v3.html
Apache | Tomcat

CVE-2016-8735

Apache Tomcat Remote Code Execution Vulnerability
Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension (JMX) ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues for CVE-2016-3427 which affected credential types.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-12
  • Due Date: 2023-06-02
Resources and Notes
https://tomcat.apache.org/security-9.html
Microsoft | Win32k

CVE-2023-29336

Microsoft Win32K Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-09
  • Due Date: 2023-05-30
Resources and Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-29336
TP-Link | Archer AX21

CVE-2023-1389

TP-Link Archer AX-21 Command Injection Vulnerability
TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-01
  • Due Date: 2023-05-22
Resources and Notes
https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware
Apache | Log4j2

CVE-2021-45046

Apache Log4j2 Deserialization of Untrusted Data Vulnerability
Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-05-01
  • Due Date: 2023-05-22
Resources and Notes
https://logging.apache.org/log4j/2.x/security.html
Oracle | WebLogic Server

CVE-2023-21839

Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-05-01
  • Due Date: 2023-05-22
Resources and Notes
https://www.oracle.com/security-alerts/cpujan2023.html
MinIO | MinIO

CVE-2023-28432

MinIO Information Disclosure Vulnerability
MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-21
  • Due Date: 2023-05-12
Resources and Notes
https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q
PaperCut | MF/NG

CVE-2023-27350

PaperCut MF/NG Improper Access Control Vulnerability
PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-04-21
  • Due Date: 2023-05-12
Resources and Notes
https://www.papercut.com/kb/Main/PO-1216-and-PO-1219
Google | Chrome

CVE-2023-2136

Google Chrome Skia Integer Overflow Vulnerability
Google Chrome Skia contains an integer overflow vulnerability. Specific impacts from exploitation are not available at this time. This vulnerability resides in Skia which serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and other products.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-21
  • Due Date: 2023-05-12
Resources and Notes
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html
Cisco | IOS and IOS XE Software

CVE-2017-6742

Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-19
  • Due Date: 2023-05-10
Resources and Notes
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
Apple | macOS

CVE-2019-8526

Apple macOS Use-After-Free Vulnerability
Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-17
  • Due Date: 2023-05-08
Resources and Notes
https://support.apple.com/en-us/HT209600
Google | Chromium V8 Engine

CVE-2023-2033

Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 contains a type confusion vulnerability. Specific impacts from exploitation are not available at this time.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-17
  • Due Date: 2023-05-08
Resources and Notes
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html
Android | Framework

CVE-2023-20963

Android Framework Privilege Escalation Vulnerability
Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-13
  • Due Date: 2023-05-04
Resources and Notes
https://source.android.com/docs/security/bulletin/2023-03-01
Novi Survey | Novi Survey

CVE-2023-29492

Novi Survey Insecure Deserialization Vulnerability
Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-13
  • Due Date: 2023-05-04
Resources and Notes
https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx
Microsoft | Windows

CVE-2023-28252

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-04-11
  • Due Date: 2023-05-02
Resources and Notes
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252
Apple | Multiple Products

CVE-2023-28205

Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-10
  • Due Date: 2023-05-01
Resources and Notes
https://support.apple.com/en-us/HT213720,https://support.apple.com/en-us/HT213721,https://support.apple.com/en-us/HT213722,https://support.apple.com/en-us/HT213723
Apple | iOS, iPadOS, and macOS

CVE-2023-28206

Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Unknown
  • Date Added: 2023-04-10
  • Due Date: 2023-05-01
Resources and Notes
https://support.apple.com/en-us/HT213720, https://support.apple.com/en-us/HT213721
Veritas | Backup Exec Agent

CVE-2021-27876

Veritas Backup Exec Agent File Access Vulnerability
Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.
  • Action: Apply updates per vendor instructions.
  • Known To Be Used in Ransomware Campaigns?: Known
  • Date Added: 2023-04-07
  • Due Date: 2023-04-28
Resources and Notes
https://www.veritas.com/support/en_US/security/VTS21-001
  • Go to first pageFirst
  • Go to previous pagePrevious
  • …
  • Page 3
  • Page 4
  • Page 5
  • Page 6
  • Currently on page 7
  • Page 8
  • Page 9
  • Page 10
  • Page 11
  • …
  • Go to next pageNext
  • Go to last pageLast

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now
Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback